FAQ

The recognised providers of regulated and qualified certificates must meet the requirements set out in the act (ESigA), the ordinance (ESigO), and the technical and administrative regulations governing certification services in relation to electronic signatures and other applications of digital certificates.

The recognition authority regularly assesses compliance.

Providers of other types of digital certificates are not obliged to comply with the above provisions and are not supervised by an independent body.

The requirements of the Federal Act of 18 March 2016 on Certification Services in relation to Electronic Signatures and Other Applications of Digital Certificates (ESigA) are comparable to those set out in Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC.

The technical and administrative regulations issued by OFCOM refer to the European standards recognised by many European countries. Accordingly, millions of «qualified certificates» have been issued in European countries according to very similar criteria.

Qualified certificates from EU countries are not automatically recognised in Switzerland, however. The same is true of Swiss qualified certificates in the European Union. Mutual recognition of electronic signatures requires the conclusion of international agreements. So far, Switzerland has not concluded any such agreement.

CSPs must provide a dating system (time stamp) and offer time stamps to holders of regulated or qualified certificates on request.

Only recognised CSPs may issue regulated or qualified certificates.

Moreover, only electronic signatures based on a qualified certificate from a recognised CSP and bearing a qualified time stamp as defined in the Federal Act on Electronic Signatures (ESigA) have the same legal force as handwritten signatures. Recognition also represents a quality and security label that provides evidence of the provider's competence. Recognition is not necessary for issuing other types of certificates.

Interested CSPs can contact the sole recognition authority:

KPMG SA
Information Risk Management
Badenerstrasse 172
8026 Zürich
Tel. +41 58 249 31 31
www.kpmg.ch

If a foreign CSP has already been recognised by a foreign recognition authority, the Swiss recognition authority may do the same if it is demonstrated that:

• the CSP has obtained recognition under the law of the foreign country;
• the provisions of the foreign law relevant for recognition are equivalent to the Swiss provisions;
• the foreign recognition authority has qualifications equivalent to those required of Swiss recognition authorities;
• the foreign recognition authority guarantees cooperation with the Swiss recognition authority for supervising the CSP in Switzerland.

So far, no foreign CSP has been recognised in Switzerland in this way. Only Swiss CSPs have received recognition from the Swiss recognition authority. A foreign CSP can be recognised automatically in Switzerland if an international agreement exists between Switzerland and the country in which the CSP is established. However, Switzerland has not concluded any such agreement so far.

A certificate for electronic signatures issued by a certification service provider (CSP) is an electronic attestation linking the electronic signature validation data to a natural person and confirming at least the name or pseudonym of that person. In this way, the certificate, which is usually linked with the signed document, can be used to verify the identity of the signer and to determine whether the document has been signed with the private key assigned to the signatory.

Thanks to the strict requirements of the Federal Act on Digital Signatures (ESigA), qualified certificates for electronic signatures provide stronger guarantees for the identity of the signatory, greater technical security and thus greater legal certainty for the electronic signatures created.

There are different types of certificates. The requirements of the ESigA apply only to CSPs issuing «regulated» and «qualified» certificates. Anyone using other certificate types (anyone verifying the electronic signature) must pay attention to whether the requirements applied by the CSP for issuing certificates are sufficient. It does not suffice to check the designation of the certificate, given that use of the same designation for different certificate types cannot be ruled out. An "advanced" certificate may, for instance, have been issued according to different criteria.

• The holder of a qualified certificate can generate electronic signatures that are legally equivalent to handwritten signatures.
  
  
• The holder and the beneficiary of a regulated or qualified certificate are certain that the certificate has been issued in accordance with the security criteria defined in the act and is regularly checked by an independent body.
  
  
• The profiles of regulated or qualified certificates are defined in OFCOM's technical and administrative regulations and in the referenced international standards.
  
  
• The scope of the liability of the holder of a regulated or qualified certificate has been clearly defined by the legislature in Art. 59a SCO.

If the recognition authority and the recognised certification service provider breach their obligations arising from the act and the implementing provisions, they are liable for the damage suffered by the holder of a valid regulated or qualified certificate and the third parties who have relied on that certificate.

Certificates governed by Swiss legislation (ESigA) are valid in Switzerland and Liechtenstein. Swiss certificates are not recognised in the EU. They are only valid there as advanced certificates.

ESigA defines an electronic seal as an advanced electronic signature created using a secure seal creator as defined in Article 6 ESigA and based on a regulated valid certificate issued to a Business Identification Number (BIN) entity (organisation) in accordance with Article 31 paragraph 1 letter c of the Business Identification Number Act (BINA) and valid at the time the electronic seal was created.

Electronic seals provide proof that an electronic document has been issued by a specific organisation, thus ensuring the origin and integrity of the document.

Regulated certificates of this kind must be applied for by a person authorised to sign for the organisation.

A regulated or qualified certificate issued by a recognised CSP contains in particular:

• an indication that it is a regulated or qualified certificate;
  
  
• the name of the CSP which issued the certificate;
  
  
• the name of the recognition authority.

The Swiss Accreditation Service (SAS) publishes the list of recognised CSPs: List of recognised providers

The recognised CSP is obliged to comply with the provisions of the ESigA only in the context of issuing regulated or qualified certificates and is also supervised only in that regard by the recognition authority.

Users must be aware that the CSP does not necessarily have to comply with the security criteria set out in the ESigA and its implementing provisions when other certificate types are used.

ESigA only defines advanced certificates; it does not regulate them. In particular, it is not stated how advanced certificate holders are identified and what technical security advanced certificates have when used. There are advanced certificates of very high quality in terms of these two points, such as the signature certificate Federal Administration employees have on their smart card. However, there are also advanced certificates which establish the identity of the holder inadequately and which are only issued in the form of a copyable file.

The directory service is not mandatory.

Certificates are revoked in the event of the holder's death, at the request of the heirs at law, or if the smart card bearing the private signature key is lost or stolen, at the request of the holder. 

The CSP records revoked certificates with the revocation date in a so-called Certificate Revocation List until the certificate's regular expiry date or beyond.

When a document is signed, the Certificate Revocation List (CRL) is consulted and the resulting information can be integrated into the signature for the purpose of long-term validation (LTV capability). In this way, an electronic signature can be validated even if the CRL can no longer be accessed or the certificate has expired and the CRL therefore no longer records whether it has been revoked.

When a document is signed and validated, a qualified time stamp must be attached to the signature, at least in the case of qualified signatures. This provides trustworthy proof of the time of signing when the revocation check is made. 

The time stamp also provides proof of the time of signing for legal purposes. For the reasons mentioned, adding a qualified time stamp is also highly recommended for signatures with other certificates.

From the recognised providers of such certificates or service providers which are resellers of such certificates.

List of recognised certification service providers

CSPs have opened registration offices in several cities and regions. In some cases, mobile registration points can also be used.

Before the revision of Swiss legislation on e-signatures, i.e. before 2017, high-quality certificates and their signature keys were usually issued on a specially certified smart card (called a secure signature creation device). 

As of 2017, the revised ESigA allows certificates and their private signature keys to be stored on specially secured central signature servers operated by recognised CSPs. 

Either certificates with a term of several years are generated and recorded with their signature key, or a short-lived certificate with a term of a few minutes is generated and recorded with the associated private signature key each time a document is signed. 

The holders or users identified and registered by the recognised CSP log in to a signing application and to the signature server, load the document to be signed and launch the signing process. The hash (the document's digital fingerprint) is generated, sent to the signature server and signed there with the private signature key once the holder or user has entered their PIN via an app or mobile ID. Finally, the signed hash is sent back to the application, inserted into the document and the document is then saved. 

There has been a sharp decline in the number of certificates issued and associated signature keys on smart cards since 2017.

For information on CSP services, please see 'Signing – Commercial certification service providers' on this website.

The holders of qualified certificates must be natural persons.

However, a qualified certificate may be assigned to a natural person representing a legal person. In such cases, it is possible to mention the characteristics of this person and the name of the legal person in the certificate.

The holders of regulated certificates may be natural persons or UID entities. In the case of natural persons, a pseudonym may be provided in a regulated or qualified certificate instead of the real name.

Qualified certificates can be used only for electronic signatures of natural persons. An electronic signature ensures the authenticity and integrity of the data and is used to secure the transmission and archiving of the data.

Regulated certificates can also be used for the electronic signatures of natural persons. In addition, they can be used by UID entities to authenticate electronic data. They are also used for the encryption of electronic data and the authentication of natural persons or UID entities.

The presence of the applicant is not required during the generation of the applicant's keys by the CSP.

The CSP is not required to read this information to the applicant during the registration process.

An electronic signature, like an electronic seal, is data in electronic form that is attached to or logically linked with other data in electronic form and used by the signatory to sign a document. Electronic seals are used by organisations to sign documents. 

Like an analog handwritten signature, an electronic signature can be used to indicate that the signatory wrote the document, agrees with the content of the document or was present as a witness, for example. An electronic seal confirms the origin and integrity of the document.

'Electronic signature' is a legal term, 'digital signature' a technical term. However, they are not completely the same thing.

ESigA defines three different levels of electronic signature: advanced, regulated and qualified. The requirements of each level build on the requirements of the level below: a qualified electronic signature (QES) meets the most requirements and an advanced electronic signature the fewest. 

Only regulated electronic seals (for organisations) and qualified electronic signatures are regulated by ESigA (rules for identifying holders, technical regulations regarding security). 

Advanced electronic signatures (AESs) are defined but NOT regulated in ESigA. An AES is an electronic signature that meets the following requirements:

• it is assigned solely to the holder,
• it enables the holder to be identified,
• it is produced by means which the holder can keep under their sole control,
• it is linked to the data to which it relates in such a way that any subsequent change in the data can be detected.

The most commonly used technology that meets these requirements is based on the use of a public key infrastructure (PKI), involving certificates and cryptographic keys.

A qualified electronic signature (QES) is an AES with the following additional features: 

• It is created by a qualified signature creation device (QSCD) and 
• it is based on a qualified certificate. 

The qualified signature is equivalent to a handwritten signature and meets the requirement of the written form defined in Articles 12 to 14 of the Swiss Code of Obligations (CO, SR 220). An electronic document cannot be said to lack legal effect or excluded as evidence in legal proceedings solely on the grounds that it is in electronic form. 

A regulated electronic seal must be created by a secure signature creation device (SSCD) and is similar to a regulated certificate. It also has high probative value.

Although different levels of electronic signature may be appropriate in different contexts, only qualified electronic signatures are explicitly recognised in Switzerland as equivalent to handwritten signatures.

If the signature procedure meets the requirements set out in the act, the ordinance, and the technical and administrative regulations governing certification services in relation to electronic signatures, a qualified electronic signature can be created by an automated process.

The signatory does not necessarily have to take note of the data to be signed. However, the signature creation device used must not prevent the person signing from taking note of the content.

This is not necessary. A series of signatures can be performed by supplying the data only once.

It is possible to write down the activation data. However, such data must be kept in a safe place and separate from the signature creation device.

Products certified abroad that meet the requirements in the technical and administrative regulations can be provided by a Swiss CSP if the foreign body that certified the product has been accredited by an accreditation body that has signed the relevant EA (European Accreditation) multilateral agreement.

The recognition body is mandated to verify product certification.

Standard ETSI EN 319 411-2, which the CSPs must comply with according to the technical and administrative regulations of OFCOM, refers to document ETSI TS 119 312 with respect to selection of algorithms and key lengths.

According to Art. 14 para. 2^bis of the Swiss Code of Obligations (SCO), only a qualified electronic signature based on a qualified certificate issued by a recognised certification service provider, combined with a qualified time stamp within the meaning of the Federal Act on Electronic Signatures (ESigA), is deemed equivalent to a handwritten signature. However, only few transactions in Switzerland require a qualified electronic signature that is equivalent to a handwritten signature (e.g. consumer credit), given that Swiss contract law is based on the principle of freedom of form. Other electronic signature types can therefore be used if no handwritten signature of the contracting parties is required, provided that the latter are aware of the restrictions on use.

Regardless of this fact, use of the regulated certificates standardised by the ESigA (qualified personal certificates and certificates for electronic seals from Swiss providers recognised in accordance with the ESigA) has much higher evidential value than the use of other certificate classes and in that way creates greater trust in business and official transactions.

General use of products from a recognised provider assures users of the legal recognition of transactions requiring the written form. They can also prove to the signature verifier that certain security precautions were taken at the time of signature.

An electronic time stamp is data in electronic form that binds other data in electronic form to a particular time establishing evidence that the latter data existed at that time.

For example, a signatory can use an electronic time stamp to bind a signed document to a particular date and time and prove in the future that the signed document existed at this particular date and time.

ESigA states that a qualified electronic signature must be time-stamped. Most signature applications and server-based signature systems automatically add a qualified time stamp. In Adobe Acrobat Reader, however, the time-stamp feature has to be configured manually in the settings.

Appending an electronic time stamp to an electronic signature is also necessary so that the validity and revocation status of all the certificates used (entire certificate chain) can be checked when the document is signed.

Article 9 of the Ordinance on Electronic Communication in Administrative Proceedings (ECAPO) states rulings and invoices with the nature of an official ruling must have either a qualified electronic signature or a regulated electronic seal, at the discretion of the federal administrative unit involved. 

Such rulings and invoices may not be signed with advanced certificates, namely the signature certificate of Federal Administration employees on a smart card.

Advanced signatures can be used for legal transactions where the law (Articles 12–14 Swiss Code of Obligations (CO)) does not require the signature to be handwritten. They can thus be used to conclude most contracts, unless the law explicitly states that the written form must be used.

When using advanced signatures or advanced certificates, it is important to note that these are not regulated by ESigA in any way: for example, neither the identity of the owner of the certificate used nor the certificate's technical security are secured. Their quality, trustworthiness and thus their probative value are therefore significantly lower than that of qualified signatures. A judge may require an (expensive) expert opinion to be drawn up if the validity of an advanced signature is disputed by one of the parties. 

The expert opinion must establish whether the certificate in question has been issued by a trustworthy body, whether and how the identity recorded in it was verified and whether there is sufficient guarantee that the associated private signature key is secure and protected against misuse.

Most PDF viewers on smartphones, tablets and in web browsers cannot display electronic signatures or information about whether a document is electronically signed.

However, with the original Adobe Acrobat Reader (freeware) electronic signatures can easily be displayed and all the details (signature, time stamp, certificates, certificate chain, etc.) verified.

If someone needs to rely on an electronically signed document, it is important that they can verify the document and signatures with regard to the following:

• Integrity of the signed data. Integrity means that the signed data has not been changed after signing;
• Authenticity of the signed data. Authenticity means that the signature is supported by a qualified certificate that identifies the signatory and that only the signatory can create the signature.

The validation process is simplified as follows:

• The integrity of the data is verified;
• The validity of the certificate is verified;
• The qualified status of the certificate is verified (only in the case of qualified signatures)

It is verified whether the signature was created by a qualified SSCD (only for qualified electronic signatures).

Some PDF programmes (e.g. the original Adobe Acrobat Reader) can display all details of an electronic signature and provide technical verification. Depending on the trust-list settings (if available in the PDF programme), certificates which are valid under Swiss law (ESigA) and the associated electronic signatures may be displayed as invalid, whereas foreign certificates may be displayed as valid. For laypersons, it is difficult to understand why electronic signatures are displayed as valid in some cases and invalid in others.

The Federal Administration provides a free validator to the public which allows laypersons to see whether valid certificates and signatures are contained in a document in accordance with Swiss law and whether the document has a valid signature and time stamp. It is available at www.validator.ch.

The validator generates a detailed report of the validation results; this is available for download.

The validator essentially checks documents with a qualified signature or regulated seal. It also checks documents signed with the advanced signature on the Federal Administration employees' smart card. Other advanced signatures have not been tested to date. The validator also checks the validity of electronic versions of Swiss notarised documents.

There may be various reasons for this. One common reason is in the case of forms where additional form fields are filled in after the first signature. The signature in the document remains valid despite the annotations and the integrity of the PDF is guaranteed, provided the remaining verification items are valid. The annotation message is merely for information purposes.

One possible reason involves PDFs that have been saved as protected PDFs. These cannot be verified by the validator, as it cannot access all of the necessary information.